A vulnerability is a bug that might result in security problems. For example, consider a user login portal that is meant to validate a user’s email and password. If the programmer makes a mistake in the code so that the password doesn’t get validated properly and the code lets somebody log in with an email address alone, that’s a vulnerability. A bug of this type might be exploited by hackers or other users with malicious intent.

Vulnerability Types

| Type | Description |
| --- | --- |
| Resource Exhaustion | When a program is given specific data, it uses a lot of processor time or memory and prevents others from using the program. This generally results in a service being unavailable. This is not overly worrying, because access isn’t achieved. |
| XSS | XSS (cross-site scripting) involves code running in a context that it doesn’t normally run in. Sometimes this leads to theft of credentials and other problems. |
| File Inclusion | Usually code running on a website is not viewable by users of the site, only by administrators and developers. Users can use the code, but they only see the results of the code running, not the code itself. This vulnerability happens when code doesn’t properly check what files it is loading, and loads code or a file of the user’s choice. The file might be run (serious) or displayed (less serious but still problematic, because source code on a web server usually includes database credentials and other sensitive information). |
| SQL Injection | SQL injection is a type of bug where users are able to provide commands to a SQL database when they should not be able to. Most websites store their data in a SQL database, so this can lead to data being stolen. |

Severity

Vulnerabilities are also categorized by the consequences of someone taking advantage of them. If exploiting a vulnerability slows down the web server, that’s problematic and needs remediation. But if exploiting a vulnerability means a hacker can download the entire customer database, that’s far more serious. A number of common terms describe what consequences result when a particular vulnerability is exploited:

| Term | Meaning |
| --- | --- |
| Information Disclosure | Information that normally is not accessible to users is made accessible. This information can often be leveraged to carry out further attacks which would not be possible without that information. |
| Privilege Escalation | A user with low-level privileges is able to use a vulnerability to obtain high-level privileges and greater access to a server. |
| Authentication Bypass | Some authentication mechanism (e.g. the WordPress login page) can be skipped without entering valid username/password credentials, giving access inappropriately. |
| Injection | (SQL Injection, Code Injection) The software normally runs code in a specific context, e.g. against a SQL database, and a user is able to provide code to run in that context, where the expectation is that the user is only able to provide data to that context, not code. |
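The login bug from the introduction and the Injection definition above can be seen side by side in a short added example (not code from the original article or from WordPress). It assumes an in-memory SQLite database in place of MySQL/MariaDB; the `users` table, the function names and the sample account are constructed for illustration.

```python
import hashlib
import hmac
import sqlite3

DEMO_SALT = b"constructed-demo-salt"  # one fixed salt keeps the demo short; use per-user salts in practice

def pw_hash(password: str) -> str:
    return hashlib.pbkdf2_hmac("sha256", password.encode(), DEMO_SALT, 100_000).hex()

def make_db() -> sqlite3.Connection:
    """Constructed sample data: one account in an in-memory SQLite database."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (email TEXT PRIMARY KEY, pw_hash TEXT NOT NULL)")
    db.execute("INSERT INTO users VALUES (?, ?)",
               ("alice@example.com", pw_hash("correct horse")))
    return db

def login_vulnerable(db: sqlite3.Connection, email: str, password: str) -> bool:
    # BUG: input is pasted into the SQL text, so a quote in `email` ends the
    # string literal and the rest of the input is parsed as SQL, not as data.
    query = (f"SELECT 1 FROM users WHERE email = '{email}' "
             f"AND pw_hash = '{pw_hash(password)}'")
    return db.execute(query).fetchone() is not None

def login_hardened(db: sqlite3.Connection, email: str, password: str) -> bool:
    # Placeholders send the value separately from the SQL text, so it is
    # always treated as data. The hash is compared in constant time.
    row = db.execute("SELECT pw_hash FROM users WHERE email = ?", (email,)).fetchone()
    return row is not None and hmac.compare_digest(row[0], pw_hash(password))

def demo() -> dict:
    db = make_db()
    # Constructed input: the quote closes the literal, "--" comments out the password check.
    crafted = "alice@example.com' --"
    return {
        "vulnerable_valid": login_vulnerable(db, "alice@example.com", "correct horse"),
        "vulnerable_wrong_pw": login_vulnerable(db, "alice@example.com", "wrong"),
        "vulnerable_crafted": login_vulnerable(db, crafted, ""),
        "hardened_valid": login_hardened(db, "alice@example.com", "correct horse"),
        "hardened_wrong_pw": login_hardened(db, "alice@example.com", "wrong"),
        "hardened_crafted": login_hardened(db, crafted, ""),
    }

if __name__ == "__main__":
    for name, ok in demo().items():
        print(f"{name}: {'logged in' if ok else 'rejected'}")
```

In the vulnerable function the crafted email logs in with an empty password, which is the "email address alone" bug described at the top of the page; the parameterized version rejects the same input.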

WordPress Vulnerabilities

WordPress is software written in the PHP programming language that runs on a web server (Apache or nginx) and uses a SQL database (MySQL/MariaDB) to store its data. This means that in theory WordPress can be affected by vulnerabilities in the Apache or nginx web server itself (typically buffer overflow or denial of service) and vulnerabilities in PHP itself, as opposed to the PHP code WordPress is made of (typically buffer overflows, encoding bugs, null byte issues, denial of service).

Normally, however, the vulnerabilities that affect most WordPress sites occur in the PHP and JavaScript code of WordPress core, or in the plugins and themes being used. Plugin and theme code is often written by inexperienced developers who do not follow security practices, or is not reviewed for security problems. And since the WordPress ecosystem is so large and there are so many extensions available, a site with a significant number of plugins or themes installed can easily run into trouble with insecure (vulnerable) code.
